digital-telepresence
/
dtp-base-v1
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

OAuth2 exchange updates

pull/1/head
Rob Colbert 3 years ago
parent
8574f655fe
commit
7d2ee1f522
3 changed files with 44 additions and 19 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      app/models/oauth2-client.js
  2. 57
      app/services/oauth2.js
  3. 2
      app/views/admin/core-node/connect-result.pug

4
app/models/oauth2-client.js
View File

@ -12,10 +12,10 @@ const OAuth2ClientSchema = new Schema({
created: { type: Date, default: Date.now, required: true },
updated: { type: Date, default: Date.now, required: true },
site: {
name: { type: String, required: true },
description: { type: String, required: true },
domain: { type: String, required: true, index: 1 },
domainKey: { type: String, required: true, index: 1 },
name: { type: String, required: true },
description: { type: String, required: true },
company: { type: String, required: true },
},
secret: { type: String, required: true },

57
app/services/oauth2.js
View File

@ -161,23 +161,48 @@ class OAuth2Service extends SiteService {
const NOW = new Date();
const PASSWORD_LEN = parseInt(process.env.DTP_CORE_AUTH_PASSWORD_LEN || '64', 10);
const client = new OAuth2Client();
client.created = NOW;
client.updated = NOW;
client.site.name = striptags(clientDefinition.name);
client.site.description = striptags(clientDefinition.description);
client.site.domain = striptags(clientDefinition.domain);
client.site.domainKey = striptags(clientDefinition.domainKey);
client.site.company = striptags(clientDefinition.company);
client.secret = generatePassword(PASSWORD_LEN, false);
client.scopes = clientDefinition.coreAuth.redirectUri.map((scope) => striptags(scope));
client.redirectUri = striptags(clientDefinition.coreAuth.redirectUri);
await client.save();
// scrub up the input data to help prevent shenanigans
clientDefinition.name = striptags(clientDefinition.name);
clientDefinition.description = striptags(clientDefinition.description);
clientDefinition.domain = striptags(clientDefinition.domain);
clientDefinition.domainKey = striptags(clientDefinition.domainKey);
clientDefinition.company = striptags(clientDefinition.company);
clientDefinition.secret = generatePassword(PASSWORD_LEN, false);
clientDefinition.coreAuth.scopes = clientDefinition.coreAuth.scopes.map((scope) => striptags(scope));
clientDefinition.coreAuth.redirectUri = striptags(clientDefinition.coreAuth.redirectUri);
/*
* Use an upsert to either update or create the OAuth2 client record for the
* calling host.
*/
const client = await OAuth2Client.updateOne(
{
'site.domain': clientDefinition.domain,
'site.domainKey': clientDefinition.domainKey,
},
{
$setOnInsert: {
created: NOW,
'site.domain': clientDefinition.domain,
'site.domainKey': clientDefinition.domainKey,
},
$set: {
updated: NOW,
'site.name': clientDefinition.name,
'site.description': clientDefinition.description,
'site.company': clientDefinition.company,
secret: clientDefinition.secret,
scopes: clientDefinition.coreAuth.scopes,
redirectUri: clientDefinition.coreAuth.redirectUri,
},
},
{ upsert: true, returnDocument: true },
);
this.log.info('new OAuth2 client created', {
this.log.info('new OAuth2 client updated', {
clientId: client._id,
site: client.site.name,
domain: client.site.domain,

2
app/views/admin/core-node/connect-result.pug
View File

@ -2,4 +2,4 @@ extends ../layouts/main
block content
h1 Core Connect Response
pre= JSON.stringify(txConnect, null, 2)
pre= JSON.stringify(txConnect.response, null, 2)
Write Preview
Loading…
Cancel
Save